Not exactly. Compromising a CA would let them fool a browser into thinking that a fake Google certificate is a real one. However, if Google were diligent, they could publish their valid cert signatures anywhere they like, and users could check the signatures of the certs that are presented as genuine.
The TSA can't crack or impersonate a cert at will; they can only 1) try to trick you into accepting a phony one or 2) demand/steal the private key from the site.
It's not scalable at all, but cuts out a large attack vector for a lot of communications. It wouldn't take a ton of pinned certificates to make a big dent in these NSA programs--really just look at the logos and make sure that each has their certificates pinned.
Traditionally you generate an SSL public and private key, and send only the public key to the certificate authority for signing, so compromising the certificate authority doesn't give you the private key.
It does however give you the ability to issue yourself new public keys to conduct man-in-the-middle attacks [1]. If you compromise the same CA as the site whose traffic you're trying to intercept, you can bypass certificate pinning which is supposed to detect MITM attacks. So for example you can MITM gmail without certificate pinning detecting it if you compromise Verisign, Equifax or GeoTrust [2]
The TSA can't crack or impersonate a cert at will; they can only 1) try to trick you into accepting a phony one or 2) demand/steal the private key from the site.